From: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Date: Fri, 3 Oct 2025 01:30:24 +0000 (+1300)
Subject: tests/krb5: Remove unused method
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a9f44efab376e2d8e8ccf203db0cbf303508681d;p=thirdparty%2Fsamba.git

tests/krb5: Remove unused method

Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
---

diff --git a/python/samba/tests/krb5/pkinit_certificate_mapping_tests.py b/python/samba/tests/krb5/pkinit_certificate_mapping_tests.py
index 3116c59cc6d..ad4af36f076 100755
--- a/python/samba/tests/krb5/pkinit_certificate_mapping_tests.py
+++ b/python/samba/tests/krb5/pkinit_certificate_mapping_tests.py
@@ -496,139 +496,6 @@ class PkInitCertificateMappingTests(KDCBaseTest):
             account_type=account_type, opts=opts, use_cache=use_cache
         )
 
-    def _as_req(
-        self,
-        creds,
-        target_creds,
-        *,
-        expect_error=0,
-        expect_status=False,
-        expected_status=None,
-        expect_edata=False,
-        etypes=None,
-        freshness=None,
-        send_enc_ts=False,
-    ):
-        if send_enc_ts:
-            if creds.get_password() is None:
-                # Try the NT hash if there isn't a password
-                preauth_key = self.PasswordKey_from_creds(creds, kcrypto.Enctype.RC4)
-            else:
-                preauth_key = self.PasswordKey_from_creds(creds, kcrypto.Enctype.AES256)
-        else:
-            preauth_key = None
-
-        if freshness is not None or send_enc_ts:
-
-            def generate_padata_fn(_kdc_exchange_dict, _callback_dict, req_body):
-                padata = []
-
-                if freshness is not None:
-                    freshness_padata = self.PA_DATA_create(
-                        PADATA_AS_FRESHNESS, freshness
-                    )
-                    padata.append(freshness_padata)
-
-                if send_enc_ts:
-                    patime, pausec = self.get_KerberosTimeWithUsec()
-                    enc_ts = self.PA_ENC_TS_ENC_create(patime, pausec)
-                    enc_ts = self.der_encode(enc_ts, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
-
-                    enc_ts = self.EncryptedData_create(
-                        preauth_key, KU_PA_ENC_TIMESTAMP, enc_ts
-                    )
-                    enc_ts = self.der_encode(enc_ts, asn1Spec=krb5_asn1.EncryptedData())
-
-                    enc_ts = self.PA_DATA_create(PADATA_ENC_TIMESTAMP, enc_ts)
-
-                    padata.append(enc_ts)
-
-                return padata, req_body
-        else:
-            generate_padata_fn = None
-
-        user_name = creds.get_username()
-        cname = self.PrincipalName_create(
-            name_type=NT_PRINCIPAL, names=user_name.split("/")
-        )
-
-        target_name = target_creds.get_username()
-        target_realm = target_creds.get_realm()
-
-        if target_name == "krbtgt":
-            sname = self.PrincipalName_create(
-                name_type=NT_SRV_INST, names=["krbtgt", target_realm]
-            )
-        else:
-            sname = self.PrincipalName_create(
-                name_type=NT_PRINCIPAL, names=["host", target_name[:-1]]
-            )
-
-        if expect_error:
-            check_error_fn = self.generic_check_kdc_error
-            check_rep_fn = None
-
-            expected_sname = sname
-        else:
-            check_error_fn = None
-            check_rep_fn = self.generic_check_kdc_rep
-
-            if target_name == "krbtgt":
-                expected_sname = sname
-            else:
-                expected_sname = self.PrincipalName_create(
-                    name_type=NT_PRINCIPAL, names=[target_name]
-                )
-
-        kdc_options = "forwardable,renewable,canonicalize,renewable-ok"
-        kdc_options = krb5_asn1.KDCOptions(kdc_options)
-
-        ticket_decryption_key = self.TicketDecryptionKey_from_creds(target_creds)
-
-        kdc_exchange_dict = self.as_exchange_dict(
-            creds=creds,
-            expected_crealm=creds.get_realm(),
-            expected_cname=cname,
-            expected_srealm=target_realm,
-            expected_sname=expected_sname,
-            expected_supported_etypes=target_creds.tgs_supported_enctypes,
-            ticket_decryption_key=ticket_decryption_key,
-            generate_padata_fn=generate_padata_fn,
-            check_error_fn=check_error_fn,
-            check_rep_fn=check_rep_fn,
-            check_kdc_private_fn=self.generic_check_kdc_private,
-            expected_error_mode=expect_error,
-            expected_salt=creds.get_salt(),
-            preauth_key=preauth_key,
-            kdc_options=str(kdc_options),
-            expect_edata=expect_edata,
-            expect_status=expect_status,
-            expected_status=expected_status,
-        )
-
-        till = self.get_KerberosTime(offset=36000)
-
-        if etypes is None:
-            etypes = (
-                kcrypto.Enctype.AES256,
-                kcrypto.Enctype.RC4,
-            )
-
-        rep = self._generic_kdc_exchange(
-            kdc_exchange_dict,
-            cname=cname,
-            realm=target_realm,
-            sname=sname,
-            till_time=till,
-            etypes=etypes,
-        )
-        if expect_error:
-            self.check_error_rep(rep, expect_error)
-        else:
-            self.check_as_reply(rep)
-
-        return kdc_exchange_dict
-
     def get_ca_cert_and_private_key(self):
         # The password with which to try to encrypt the certificate or private
         # key specified on the command line.